<?php

class user {

	function user() {
	
	}
	
	function login ($user, $pass) {
		$q = "SELECT * FROM _users WHERE user = '".$user."' AND pass = MD5('".$pass."') LIMIT 1";
		$r = $GLOBALS['Database']->query2obj($q);
		if (is_object($r)) {
			$_SESSION['active_user'] = $r;
			return true;
		} else {
			return false;
		}
	}
	
	function logoff() {
		unset($_SESSION['active_user']);
	}
	
	function is_logged() {
		if  (is_object($_SESSION['active_user'])) {
			return $_SESSION['active_user'];
		} else {
			//header ('Location: index.php');
			return false;
		}
	}
	
	function get_role() {
		if (is_object($_SESSION['active_user'])) {
			return $_SESSION['active_user']->role;
		}
		return false;
	}
	
	function getAll() {
		$q = "SELECT * FROM _users ORDER BY name";
		$r = $GLOBALS['Database']->query($q);
		$out = array();
		while($row = mysql_fetch_object($r)) {
			$out[] = $row;
		}
		return $out;
		
	}
	
	function getById($id) {
		$q = "SELECT * FROM _users WHERE id = ". $id;
		return $GLOBALS['Database']->query2obj($q);
	}
	
	function update($id, $user, $pass, $name, $role) {
		$q = "UPDATE _users SET user = '". $user ."', pass = MD5('". $pass ."'), name = '". $name ."', role = '". $role ."' WHERE id = ". $id;
		return $GLOBALS['Database']->query($q);
	}
	
	function add($user, $pass, $name, $role) {
		$q = "INSERT INTO _users SET user = '". $user ."', pass = MD5('". $pass ."'), name = '". $name ."', role = '". $role ."'";
		return $GLOBALS['Database']->query($q);
	}
	
	function del($id) {
		$q = "DELETE FROM _users WHERE id = ".$id;
		return $GLOBALS['Database']->query($q);
	}
	
}

?>